I have a problem i integreted the CKeditor to my CMS, and when i copy some text to the query show me a <\h2> <\p> after a , then if a try to delete those statament , after i deleted it showed me on page more <\h2> <\p>
<\p>
<\p>
<\p>
<\p>
page.php
// Query the body section for the proper page
$stmt = $con->prepare('SELECT pagebody FROM travel WHERE link = ?');
$stmt->bind_param('s', $pageid);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_array()) {
// do something with $row
$body = htmlspecialchars_decode(stripslashes($row['pagebody'])); //pentru caractere speciale
} <?php echo $body; ?>
//edit_page
<?php
// You may want to obtain refering site name that this post came from for security purposes here
// exit the script if it is not from your site and script
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
$pid = $_POST['pid'];
$titlu = $_POST['titlu'];
$link = $_POST['link'];
$keyword = $_POST['keyword'];
$poza = $_POST['poza'];
$descriere = $_POST['descriere'];
$data = $_POST['data'];
$pagebody = $_POST['pagebody'];
// Filter Function -------------------------------------------------------------------
function filterFunction ($var) {
$var = nl2br(htmlspecialchars($var));
$var = str_replace("/", "\\\\", $var);
$var = preg_replace("~/~", "\\\\", $var);
return $var;
}
$titlu = filterFunction($titlu);
$link = filterFunction($link);
$keyword = filterFunction($keyword);
$poza = filterFunction($poza);
$descriere = filterFunction($descriere);
$data = filterFunction($data);
$pagebody = filterFunction($pagebody);
// End Filter Function --------------------------------------------------------------
include_once "../conx.php";
// Add the updated info into the database table
$stmt = $con->prepare("UPDATE travel SET titlu=?, link=?, keywords=?, poza=?, descriere=?, pagebody=?, data=? WHERE id = ?");
// TODO check that $stmt creation succeeded
// "s" means the database expects a string
$stmt->bind_param("ssssssss", $titlu, $link, $keyword, $poza, $descriere, $pagebody, $data, $pid);
$stmt->execute();
$stmt->close();
That's due to this line in your PHP code:
$var = str_replace("/", "\\\\", $var);
Related
I am trying to capture a value that is calculated on a PHP page called "classes_day.php" at the same time as I pass a value per GET, "? Day = YYYY-mm-dd" to it. How do I do this with JS or JQuery?
<?php
// aulas_dia.php
include '../config.php';
$exped_duration = 14*60;
if (isset($_GET['data'])) {
$data = $_GET['data'];
$query = "SELECT * FROM `task` WHERE `dia` LIKE ".$data."";
$result = mysqli_query($link,$query);
$soma = 0;
while ($row = mysqli_fetch_assoc($result)) {
$soma = $soma+$row['duration'];
}
$aulas_free = floor(($exped_duration-$soma)/50);
echo $aulas_free;
}
?>
I already tried using an iframe and contentwindow, but iframe gets the value and the contentwindow is empty (weird isn't it?).
Following Barmar's tip, I'm using $ .get, but I don't know why this loop is not working, can anyone help me?
for (i = 0; i < num_days; i++) {
x = (first_day+i)%7;
y = (first_day+i-x)/7;
h_dia(String(y)+String(x),i+1);
data_c = ano+"-"+mes+"-"+String(i+1);
$.get("aulas_dia.php?data="+data_c, function(data){
console.log(String(y)+String(x)+" - "+data_c+" - "+data);
set_aulas_fun(String(y)+String(x),data);
});
}
Use $.get() to send an AJAX request.
$.get("classes_day.php?data=YYYY-MM-DD", function(response) {
console.log(response);
});
BTW, you can add up all the durations in the SQL query instead of using a PHP loop. And you should use a prepared statement to prevent SQL injection.
<?php
include '../config.php';
$exped_duration = 14*60;
if (isset($_GET['data'])) {
$data = $_GET['data'];
$query = "SELECT SUM(duration) AS total FROM `task` WHERE `dia` LIKE ?";
$stmt = $link->prepare($query);
$stmt->bind_param("s", $data);
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_assoc();
$soma = $row['total'];
$aulas_free = floor(($exped_duration-$soma)/50);
echo $aulas_free;
}
While getting data from the database it is alerting 0000:00:00 while in the database it is inserting write date
<?php
$query = "select * from Reply t1 inner join users t2 on t1.UserId = t2.UserId where comment = '$commentid'";
$run1 = mysqli_query($mysqli,$query);
$numberRows = mysqli_num_rows($run1);
while($row1 = mysqli_fetch_array($run1))
{
$Reply = $row1['Reply'];
$UserId = $row1['UserId'];
$UserName = $row1['UserName'];
$date1 = $row['Date'];
echo "<script>alert('$date1')</script>";
$ageDate1 = time_elapsed_string($date1);
echo "<script>alert('$ageDate1')</script>";
?>
I have two problems.
First one:
I have a two tables in my database (gmembers and groups) and I want to check if a user quit from the group and there are no memebrs remaining in it delete that group. Firstly I collected every groups that has no members in an array called junk. Then I used a for loop to access every item of the junk array and delete from the database. But since I want to delete from two tables at the same time I had to use JOIN. I don't know why but this only delete from the gmembers table and nothing happens with the groups table.
I tried to tear it into two parts and delete once from the gmembers and then from the groups in another sql but I got the same result as I got with the JOIN one.
Code:
<?php
if(isset($_POST["action"]) && $_POST['action'] == "quit_group"){
// Empty check
if($gS == "" || $uS == ""){
exit();
}
// Make sure already member
$sql = "SELECT id FROM gmembers WHERE gname=? AND mname=? AND approved=? LIMIT 1";
$stmt = $conn->prepare($sql);
$stmt->bind_param("sss",$gS,$uS,$one);
$stmt->execute();
$stmt->store_result();
$stmt->fetch();
$numrows = $stmt->num_rows;
if($numrows < 1){
exit();
}
// Remove from the database
$sql = "DELETE FROM gmembers WHERE mname=? AND gname=? LIMIT 1";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ss",$uS,$gS);
$stmt->execute();
$stmt->close();
// If the group is empty remove from the database
$junk = array();
$sql = "SELECT * FROM gmembers WHERE approved=? AND admin=?";
$stmt = $conn->prepare($sql);
$stmt->bind_result($zero,$zero);
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()){
array_push($junk, $row["gname"]);
}
$stmt->close();
for($i=0; $i<count($junk); $i++){
// Delete from gmembers
$groupa = $junk[$i];
$sql = "DELETE * FROM gmembers gm JOIN groups gr ON gm.gname = gr.name WHERE gm.gname=? AND gr.name=?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ss",$groupa,$groupa);
$stmt->execute();
$stmt->close();
}
echo "was_removed";
exit();
}
?>
Second One:
I'm also having problems with ajax.responseText. When a group has been created and there are no erros I want to header the user to that groups that he/she has just created. So when everything is fine I echo the name of the group ($name) and the was created title. Then with javascript I check for these and I header them to the group page. But at this point my code fails. It only echos group_created|example group in an alert box and window.location = "group.php?g="+sid; does not work.
PHP Code:
<?php
// Create new group
if(isset($_POST["action"]) && $_POST['action'] == "new_group"){
// GATHER THE POSTED DATA INTO LOCAL VARIABLES
$name = preg_replace('#[^a-z 0-9]#i', '', $_POST['name']);
$inv = preg_replace('#[^0-9.]#', '', $_POST['inv']);
// DUPLICATE DATA CHECKS FOR USERNAME AND EMAIL
if ($inv == "1"){
$inv = "0";
}
if ($inv == "2"){
$inv = "1";
}
$sql = "SELECT id FROM groups WHERE name=? LIMIT 1";
$stmt = $conn->prepare($sql);
$stmt->bind_param("s",$name);
$stmt->execute();
$stmt->store_result();
$stmt->fetch();
$n_check = $stmt->num_rows;
// FORM DATA ERROR HANDLING
if($name == "" || $inv == ""){
echo "The form submission is missing values.";
exit();
} else if ($n_check > 0){
echo "The group name you entered is alreay taken";
exit();
} else if (strlen($name) < 3 || strlen($name) > 50) {
echo "Group name must be between 3 and 50 characters";
exit();
} else if (is_numeric($name[0])) {
echo 'Group name cannot begin with a number';
exit();
} else {
$stmt->close();
// END FORM DATA ERROR HANDLING
// Begin Insertion of data into the database
// Add group to database
$gicon = "group_icon.png";
$sql = "INSERT INTO groups (name, creation, logo, invrule, creator)
VALUES(?,NOW(),?,?,?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssss",$name,$gicon,$inv,$uS);
$stmt->execute();
$stmt->close();
// Add to group member to database
$sql = "INSERT INTO gmembers (gname, mname, approved, admin)
VALUES(?,?,?,?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssss",$name,$uS,$one,$one);
$stmt->execute();
$stmt->close();
if (!file_exists("../groups")) {
mkdir("../groups", 0755);
}
// Create directory(folder) to hold each user's files(pics, MP3s, etc.)
if (!file_exists("../groups/$name")) {
mkdir("../groups/$name", 0755);
}
$gLogo = '../images/group_icon.png';
$gLogo2 = "../groups/$name/group_icon.png";
if (!copy($gLogo, $gLogo2)) {
echo "failed to create logo.";
}
echo "group_created|$name";
exit();
}
exit();
}
?>
The error handling, inserting, folder/file creating etc. works perfect except this line: echo "group_created|$name";
JS Code:
function createGroup(){
var name = _("gname").value;
var inv = _("invite").value;
if(name == "" || inv == ""){
alert("Fill in all fields");
return false;
}else{
status.innerHTML = 'please wait...';
var ajax = ajaxObj("POST", "php_parsers/group_parser.php");
ajax.onreadystatechange = function(){
if(ajaxReturn(ajax) == true){
var datArray = ajax.responseText.split("|");
if(datArray[0] == "group_created"){
var sid = datArray[1];
window.location = "group.php?g="+sid;
}else{
alert(ajax.responseText);
}
}
}
ajax.send("action=new_group&name="+name+"&inv="+inv);
}
}
Here I check for what ajax gives back and I split into two part the echo "group_created|$name"; but the window.location function does not work.
For the Second One
Use:
window.Location.assign("group.php?g="+sid);
Or:
window.Location.replace("group.php?g="+sid);
I'm working on a script that forms a web page based on what is in my database. For his I call a java script function when the page loads and whenever the page needs to update.
Firstly I made a script that gets the information from the database, passes it to java script by echo "var region_list = ". $js_region_list . ";\n"; and then proceeded to generate the page itself which worked.
After that I tried to get this to work based on an AJAX request but this failed horribly. As it stands I get correct information from the database but it does not change the value of echo "var region_list = ". $js_region_list . ";\n"; which prevents the page from updating.
The PHP part of my script:
if(isset($_POST["campaign_id"])){
// Get variables and sanetize
$campaign_id = preg_replace('#[^0-9]#i', '', $campaign_id);
// Create planet list
$planet_list = array();
$sql = "SELECT planet_nr, size, moon FROM planets WHERE campaign_id = $campaign_id";
if ($result = mysqli_query($db_conx, $sql)) {
/* fetch associative array */
while ($row = mysqli_fetch_assoc($result)) {
array_push($planet_list, array($row["planet_nr"],$row["size"],$row["moon"]));
}
/* free result set */
mysqli_free_result($result);
}
// Create region list
$region_list = array();
$sql = "SELECT planet_id, region_id, region_type, owner FROM regions WHERE campaign_id = $campaign_id";
if ($result = mysqli_query($db_conx, $sql)) {
/* fetch associative array */
while ($row = mysqli_fetch_assoc($result)) {
array_push($region_list, array($row["planet_id"],$row["region_id"],$row["region_type"],$row["owner"]));
}
/* free result set */
mysqli_free_result($result);
}
// Convert array's for use in java
$js_planet_list = json_encode($planet_list);
$js_region_list = json_encode($region_list);
$list = array($planet_list, $region_list);
$list = json_encode($list);
echo $list;
exit();
The javascript part:
<?php
echo "var planet_list = ". $js_planet_list . ";\n";
echo "var region_list = ". $js_region_list . ";\n";
?>
var ajax = ajaxObj("POST", "campaign.php?c="+campaign_id);
ajax.onreadystatechange = function() {
if(ajaxReturn(ajax) == true) {
if(ajax.responseText == "Fail"){
alert(ajax.responseText);
}
}
}
ajax.send("campaign_id="+campaign_id);
NOTE: These are just snippets of the whole script. The whole script is in the same PHP file with the PHP up above between it's tags and the java down between the script tags.
In your ajax success part, you need to just update the values of the the variables planet_list and region_list as shown below
planet_list = JSON.parse(ajax.responseText[0]);
region_list = JSON.parse(ajax.responseText[1]);
Recently I am learning single page application, but I got a problem, the project I am working on is inside a folder that contain many folders, php js are folders in side the main folder, and each contain its type of files, the problem is that one of the php file called getmax.php gives me the maximum id ,I want to use this max(id) in a js file called module.js in order to give the new module the next id , the module.js should gives this id to another php file called insert.php ,the connection between the module.js and insert.php is working properly if I set the id manually . but I could not figure out how can I make it use the max(id) from the getmax.php file.
note: I noticed lately I'm using MySQL and I should used mysqli I will fix it later.
the getmax.php is:
<?php
// alle relevanten Tabellen abfragen und als json zurückgeben.
$json["status"] = "running";
$details[] = "started get_tables ";
// Include confi.php
include_once('confi.php');
//var_dump($_POST);
$request_body = file_get_contents('php://input');
// first store the given set of data to keep it for future analysis
$statement = "INSERT INTO tbl_archive (content) VALUES ('$request_body' );";
mysql_query($statement);
$input = json_decode($request_body, true);
// now check if valid user
$user = $input["user"];
$username = $user["username"];
$password = $user["password"];
if($password and $username){
$mySQLstring = "SELECT username, password, id, create_user FROM tbl_user where username = '$username' ;";
$json["statement"][] = $mySQLstring;
$qur = mysql_query($mySQLstring);
//var_dump ( $qur );
if ($qur){
$max = mysql_fetch_assoc($qur);
}
if ($max){
$json["max"] = $max;
if ($max["password"] == $password){
$json["username"] = $username;
$json["id"] = $max["id"];
$json["create_user"] = $max["create_user"];
$json["status"] = "ok";
$tables = array("class", "class_user", "module", "module_class", "module_user", "rating", "student", "student_class");
//$tables = array("class");
foreach($tables as $table){
if ( $table == 'module' ){
$statement ='SELECT create_user, MAX(id) FROM tbl_'.$table;
//$statement .= ' GROUP BY create_user' ;
$statement .= ' WHERE create_user = 19 ' ;
$qur = mysql_query($statement);
if ($qur){
while($r = mysql_fetch_array($qur, MYSQL_ASSOC)){
//var_dump($r);
//echo (json_encode($r));
$result[$table][] = $r;
}
}
}
}
$json = array("status" => "ok", "data" => $result);
}
}
}
#mysql_close($conn);
/* Output header */
header('Content-type: application/json');
echo json_encode($json);
?>
PHP and JS are run on the server and client respectively, and as such you cannot call methods/functions of one from the other. AJAX exists to pass values between JS and serverside code.